Threat Modeling: Analyze, Detect and Mitigate vulnerabilities in software
Threat modeling allows you to apply a structured approach to security and to address the top threats that have the greatest potential impact to your application first.
By identifying and rating threats based on a solid understanding of the architecture and implementation of your application, you can address threats with appropriate countermeasures in a logical order, starting with the threats that present the greatest risk.
Threat modeling has a structured approach that is far more cost efficient and effective than applying security features in a haphazard manner without knowing precisely what threats each feature is supposed to address. With a random, “shotgun” approach to security, how do you know when your application is “secure enough,” and how do you know the areas where your application is still vulnerable? In short, until you know your threats, you cannot secure your system.